A text Appendix A is being submitted with this application.
The present invention relates in general to certifying authorizations in computer networks such as public packet switched communications networks.
Certifying authorities are known that generate public key certificates, enciphered with the private key of the certifying authority, that serve as letters of introduction of a particular party to any other party that can recognize the certifying authority as an introducer. The certifying authority typically makes the party seeking the certificate of introduction prove that it is who it says it is, and then the certifying authority accepts the public key of the party and returns it in the certificate of introduction signed with the private key of the certifying authority, thereby binding the name of the particular party to the public key of the party.
One aspect of the invention features a system for certifying authorizations that includes an authorizing computer and an authorized computer interconnected by a computer network. The authorizing computer creates a public key pair comprising a new public key and a new private key, and creates an authorization certificate that certifies that a holder of the authorization certificate is authorized to perform an action referred to in the authorization certificate. The authorization certificate includes the new public key. The authorizing computer causes the authorization certificate and the new private key to be transmitted to the authorized computer. The authorized computer receives the authorization certificate and the new private key and decrypts messages using the new private key as evidence that the authorized computer has obtained the authorization certificate legitimately.
Because the authorization certificate certifies that the holder is authorized to perform a certain action, rather than certifying only the identity of the holder, the authorization certificate can be issued by any arbitrary computer having a smart token such as a smart card that uniquely and securely identifies the owner of the card and may be removable from the computer. The authorized computer can use the authorization certificate as evidence that the authorized computer is authorized by the owner of the smart token at the authorizing computer to perform the action referred to in the authorization certificate.
According to another aspect of the invention the authorizing computer receives a first authorization certificate that certifies that a holder of the authorization certificate is authorized to perform an action referred to in the first authorization certificate. The authorizing computer then create a second authorization certificate that includes the first authorization certificate and certifies that a holder of the second authorization is granted additional authority with respect to performing the action referred to in the first authorization certificate. Thus, for example, a junior officer may create a first authorization certificate for purchase of a product and send it to a senior officer at the authorizing computer, who creates a second authorization certificate that includes the first authorization certificate and also grants additional authority for the purchase in the form of a countersignature grant of purchasing power. Then the senior office sends the second authorization certificate to an electronic merchant. The temporal order of authorizations in a chain is preserved because the each successive authorization certificate is incorporated into the next authorization certificate.
According to another aspect of the invention the authorization certificate has a file structure that supports critical components and extension components. The authorized computer accepts certificates having file structures that support critical components and extension components when the authorized computer is programmed to accept the critical components but rejects certificates having file structures that support critical components and extension components when the authorized computer is not programmed to accept the critical components. The authorizing computer includes information unique to the action referred to in the authorization certificate as at least one critical component of the authorization certificate in order to prevent the authorization certificate from being accepted by computers that are not programmed to accept the information unique to the action referred to in the authorization certificate. This helps to ensure against misuse of the authorization certificate.
Another aspect of the invention features a system for escrowing private keys that includes a computer and a smart token interconnected with the computer. The smart token includes a private key of a public key pair associated with the smart token. The computer encrypts the private key of the public key pair associated with the smart token with a public key of a public key pair associated with a user of the smart token. The computer also encrypts a private key of the public key pair of the user of the smart token with a public key of the public key pair associated with the smart token. The computer transmits to an escrow agent the encrypted private key of the public key pair associated with the smart token and the encrypted private key of the public key pair associated with the user of the smart token. This ensures that if one private key is lost, the other private key can be retrieved from the escrow agent.
Numerous other features, objects, and advantages of the invention will become apparent from the following detailed description when read in connection with the accompanying drawings.